If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

you can only use alternative bypass if your phone has supported firmware (you need BOTH rest file and bypass package)
if your firmware not supported, either flash supported firmware (only main part in enough) or post request on forum.
note, that you MUST flash firmware in SIGNED MODE.

please, visit support area to fetch latest bypass packages.

if you will use USB as interface, then you SHOULD turn phone on and install CSCA(MODEM) drivers.

if you are capable user, you can edit .inf files of CSCA(MODEM) drivers - we only need to installSony Ericsson Device XXX bus driver and Sony Ericsson Device xxx USB WMC Device Management
- all other devices is not needed.
that will help you to save comport numbers.

important! if your phone had unsupported firmware and you flashed main part (all parts) of supported - you MUST power on phone, so phone will update new firmware info.

because of way new alternative bypass method works, you need
TEST SIM card (mcc/mnc 00101) or OPERATOR SIM card. (you must be able browse phone menu,etc)

when i say "POWER ON FULLY" - i mean state of phone,
when it shows main screen with operator name ("no network" with test sim)

10.
if you using USB as interface:
"executor" applet will be run automatically

if you using COM/UFS as interface:
in phone menu go to games, find and run "executor" applet.

phone should enter preloader mode ( will appear as dead )

11. try to power on phone.
phone must NOT power on.
it is OKAY.

Code:

If phone power on, go to phone menu->games,
run "executor" application, go to step 11.

12. Disconnect phone, remove battery, insert battery, press "READY".

if you use USB as interface:
connect phone while holding corresponding button ('C' or '2' for w880).
notice,that you MUST NOT use "2+5" button combo.

wait for operation to finish.

13. turn phone on and check it. delete "executor" from games.

Code:

after unlock in phone will be application called "executor"
(menu->games->executor)
it is leftover from unlock procedure, you should delete it ... or....
if you run it - it will install preloader in phone and then you able to do
any setool2 function without all that long steps...
(just check ONLY "enable alternative security bypass")
phone will appear as "dead" for user in preloader mode

approximate time for unlock by patch using new alternative bypass method is 160-180 seconds on one phone.

precautions:
please take care that there is NO (at least, i can't get) cid52 firmwares for following db2010 phones: k310,k510,w810,z530,z550.
because of that if altbypass operation will go wrong for that phones - you should use reset operation in order to fix phone.

under "go wrong"i mean:
- terminated flash procedure or anything,which prevents phone from starting up
- changed IMEI of phone, which prevents phone from using new alternative bypass method.

possible problems:

in case of terminated flash/etc you can always return phone to life by flashing any original firmwares into them -
and then it ready for execution again

on "step 12" phone not booting, embedded loader not responding in 15 seconds)

due delicate bypass process such thing is possible, but that happens VERY rare.
nothing weird happens in that case, all you need to do:

reflash only main part of firmware in "signed mode" and start from step 1.

by accident procedure was stopped on "step 10" or user run executor and phone entered preloader mode ("died")

go to settings, check ONLY "enable alternative security bypass" - now you can do any operation with phone, like unlock/etc.

if using USB as interface, on step 10 setool2 stucks in loop with message "PHONE NOT READY YET", but phone is turned on okay

and process stops,but phone works normally on com/ufs.
what is root cause and what is solution ?

A:
that phone is tampered by dreambox software.

during their "famous' method of "testpoint bypass", they writing patched erom with own custom loader embedded, patching simlock signature check and ... erasing simlock signature without any reason, which prevents setool2 from making backup.

i had write a post on their forum, but they too arrogant even to read it.

fix is extremly simple:

using com/ufs write next script in SIGNED MODE (check ONLY "USE SIGNED MODE" on settings)

for db2020:

Code:

gdfswrite:0001085144554D4D5944415441

for db2012:

Code:

gdfswrite:0001072544554D4D5944415441

alas, they custom loader also breaks alternative bypass support using dcu60 cable,
so you only can use SIGNED MODE with dcu60 after their "testpoint".

i suggest to use setool2 reset method to put proper erom instead of tampered one.

2. main software somehow has been damaged (cause of free tools, etc)
solution -
select correct model
on settings check only "use signed mode".
add to firmware area only main part of firmware
press flash (use com/ufs or dcu60 with "2+5" keys if phone not connecting with "C" )
after that, phone should show identify normally.

to rename file/directory press F2 or select "rename" from popup menu
to delete file/directory press DEL or select "delete" from popup menu
note, that directory should be empty in order to delete it.
to write file/directory, drag-and-drop it from windows explorer to desired directory on phone.
to read file/directory press F5 or select "read" from popup menu.
note, that files/directory will be save to %setool2%\ph_out directory,existing files overwriting without notice.

q: i want to service j132 phone, but it not have fastport connector, only minuUSB. what to do ?

a:you need setool2 version >=v0.914042 for that.

you should create connector yourself: select either ufs or com modification 1219719_orig.jpg
(pinout discovered by rockerdongle team)
please note, that if you will create cable with 3 pins only, you should manually press power on button on phone when program displays "powering..."

q: for curiosity i have flashed ROM image in my lg ku580/kf75x/kt52x.
phone goes dead. i unlocked it and it came back to life, but i have no network. what to do ?

for LG A2 phones with Micro-B USB connector you need standart micro-usb cable and simple trick - in order to enable boot mode,
connect points DCIO and VPP together (see photo). after you finish working with phone - DISCONNECT points, otherwise battery will be drained in 2-3 hours.

The Following 6 Users Say Thank You to GSM™ For This Useful Post:

q: i tried to unlock lg kf75x/kt52x with IMEI "01xxx..." and got weird error,
phone goes dead. what to do ?

a:you need setool2 version >=v0.915020 for that.

just unlock phone again - it will be fixed and properly handled.
but - you must manually enter generated unlock code.
unlock code can be entered by typing 2945#*750#
in some cases, it will not work until you flash generic (open) firmware from support area.

edit:
from setool2 version >=v0.915025 direct unlock of such units reintroduced, you do not need enter codes manually.

q: i tried to unlock lg gt500,gt505. unlock process appeared to be okay, but phone dead after that ?
what to do ?

a:
reflash phone with any situable firmware from support.

q: there is too many bypass options. i'm stuck.

a:

here is short cheatlist of different phones and scenarios.

db2000 cid 16,29,36,37,49

normal bypass settings state - all unchecked, there is no any special bypass options for that phones.
if "use signed mode" checked - you can only flash signed (flash file CID/DOMAIN=phone CID/DOMAIN)
to unlock network locks/repair seczone no settings should be checked.
if phone has cid 37,49 and EROM is damaged - you need use hardware things to repair.
to unlock network locks using server "use signed mode" should be checked.
usercode can be seen in identify output.

db2001 cid 53

such asic can only be encountered in pda phones.
"use signed mode" should be checked
to unlock network locks "perform full unlock instead of usercode reset" should be checked
usercode can be seen in identify output
setool2 can not repair seczone in such phones at all.

db2010 cid 16,29,36,49

normal bypass settings state - all unchecked, there is no any special bypass options for that phones.
if "use signed mode" checked - you can only flash signed (flash file CID/DOMAIN=phone CID/DOMAIN)
to unlock network locks/repair seczone no settings should be checked.
if phone has cid 49 and EROM is damaged - you need use hardware things to repair.
to unlock network locks using server "use signed mode" should be checked.
usercode can be seen in identify output.

db2010 cid 50,51,52,53

"use signed mode" should be checked for RETAIL phones - you can only flash signed (flash file CID/DOMAIN=phone CID/DOMAIN)
setool2 can not repair seczone for that type of phones without hardware things.
to unlock network locks using server "use signed mode" AND "perform full unlock instead of usercode reset" should be checked
usercode can be seen in identify output.

there is two type of alternative bypass (bypass enables patch unlock, full fs operations, crossCID flash)

"use signed mode" should be checked for RETAIL phones - you can only flash signed (flash file CID/DOMAIN=phone CID/DOMAIN)
setool2 can not repair seczone for that type of phones without hardware things.
to unlock network locks using server "use signed mode" AND "perform full unlock instead of usercode reset" should be checked
to reset usercode lock you must check "use signed mode" only.

there is two type of alternative bypass (bypass enables patch unlock, full fs operations, crossCID flash)

not officially released by semc, but kukuruzer tool,using unique hardware device, can be used to create such phones.
such phones can not be serviced with anything, until CID will be lowered again via kukuruzer tool.

pnx5230 cid 49,51,52,53

"use signed mode" should be checked for RETAIL phones - you can only flash signed (flash file CID/DOMAIN=phone CID/DOMAIN)
setool2 can not repair seczone for that type of phones at all.
to unlock network locks using server "use signed mode" AND "perform full unlock instead of usercode reset" should be checked
to reset usercode lock you must check "use signed mode" only.

there is two type of alternative bypass (bypass enables patch unlock, full fs operations, crossCID flash)

"use signed mode" should be checked for RETAIL phones - you can only flash signed (flash file CID/DOMAIN=phone CID/DOMAIN)
to unlock network locks using server "use signed mode" AND "perform full unlock instead of usercode reset" should be checked
to reset usercode lock you must check "use signed mode" only.

there is one type of alternative bypass (bypass enables full unlock, full fs operations):

using local bypass: should check "use signed mode", "enable alternative security bypass"

db3200,db3210,db3350 cid 80,81

"use signed mode" should be checked for RETAIL phones - you can only flash signed (flash file CID/DOMAIN=phone CID/DOMAIN)
to unlock network locks using server "use signed mode" AND "perform full unlock instead of usercode reset" should be checked
to reset usercode lock you must check "use signed mode" only.

there is no alternative bypass.

semc ODM phones

"enable preloader security bypass" has no effect and must be disabled.

if "use signed mode" checked - you can use usb interface for some models, can use only signed flashes, can reset usercode and total time.
if "do full unlock instead user code reset" checked WITH "use signed mode" - you can do network unlock, server account required.
if "enable alternative security bypass" checked WITH "use signed mode" - you can do network unlock by patch, server account required.
if "use signed mode" NOT checked - you can make network unlock by patch using security hole, but that security hole is closed in all latest locosto chipset revisions.

lg3g,sharp cid 17,24,41,42,54 phones

"use signed mode", "enable alternative security bypass", "enable preloader security bypass" has no effect and must be disabled.

lg,sagem A2-based cid 54,60,185,186

"use signed mode" should be enabled (it has no effect for most functions,though)

Background:
C905 units produced before 08W45 may unfortunately have a batch problem with the PBA Key Flex Flip Complete. This can result in No Audio problem, Display problem or more unlikely GPS problem.

The Following 4 Users Say Thank You to GSM™ For This Useful Post:

Sony Mobile have released on CSPN/Mechanical a “all in one” application that support part calibration for all products that have calibration requirements; such as proximity sensor, touch, gyroscope calibration etc.